Articles In Technology Week in Review

Tuesday 5/21
Millions of Instagram influencers and brands had their private contact data scraped and exposed
From a brief review of the data, each record contained public data scraped from Instagram accounts, including their bio, profile picture, the number of followers they have, if they’re verified and their location by city and country, but also contained private contact information, such as the Instagram account owner’s email address and phone number.
https://tcrn.ch/2QgvvWa
Citrix Usher... read more.

Monday 5/13
Update Your Drivers Right Now If You Have An NVIDIA GeForce, Quadro or Tesla Graphics Card
Nvidia has uncovered and patched three vulnerabilities in the Windows display drivers for the company’s GeForce, Quadro and Tesla graphics cards. If exploited, the vulnerabilities could lead to denial of service, escalation of privileges or information disclosure on the host machines.
http://bit.ly/2JhRtYk
HyTrust Launches Full-Scale Security Platform for VMware, AWS, Containers
HyTrust CloudCon... read more.

Monday 5/6
Hackers steal card data from 201 online campus stores from Canada and the US
A group of hackers has planted malicious JavaScript code that steals payment card details inside the e-commerce system used by colleges and universities in Canada and the US. The malicious code was found on 201 online stores that were catering to 176 colleges and universities in the US and 21 in Canada.
https://zd.net/2GZBMl8
Shellbot malware evolves to spread and shuts down other cryptominers
The malware has new ca... read more.

Monday 4/29
Researchers develop new technique to identify malware in embedded systems
At issue are so-called micro-architectural attacks. This form of malware makes use of a system’s architectural design, effectively hijacking the hardware in a way that gives outside users control of the system and access to its data.Spectre and Meltdown are high-profile examples of micro-architectural malware.
http://bit.ly/2GQg3Nr
Chrome on Android: Phishing attackers can now trick you with fake address bar
Nor... read more.

Monday 4/22
Popup enlarges at the last second so users click on ads instead of ‘Close’ button
When the user moves his mouse to close the popup, CSS code from that page will expand the popup and move the ad in the cursor's path, so any click on the close button will actually land on the ad instead.
https://zd.net/2GrhmkN
How to prevent rootkit-enabled malware Scranos from harming your organization
Scranos cloaks itself as cracked software or apps that pose as legitimate programs, such as ebo... read more.

Monday 4/15
CyberArk Named Top Security Solution for Government Agencies
CyberArk is recognized as the premier cybersecurity solution for government agencies and organizations to protect against the exploitation of privileged accounts, credentials and secrets across every environment – including on the endpoint and across on-premises, hybrid cloud and DevOps environments.
http://bit.ly/2UXTu1j
‘Exodus’ spyware posed as a legit iOS app
Once installed, Exodus could access photos, videos... read more.

Monday 4/8
This prolific phishing gang is back with new tactics to target executives
A prolific cyber-criminal phishing operation which built a list of 50,000 executives, CFOs and other top financial personnel has expanded its operations with a new database of additional targets. The Business Email Compromise (BEC) group dubbed London Blue distributes phishing emails in an effort to trick organisations into transferring large sums of money into their accounts, often while posing as executives and oth... read more.

Monday 4/1
Malware may have stolen 2 million US restaurant diners’ credit card details
That malware could have stolen card numbers, expiration dates and cardholder names from people who used them at Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy, Mixology and Tequila Taqueria between May 23, 2018, and March 18, 2019.
https://cnet.co/2TNsjS3
Toyota announces second security breach in the last five weeks
Toyota said the servers that hackers accessed stored sales information on up to... read more.

Monday 3/25
FEMA ‘major privacy incident’ reveals data from 2.5 million disaster survivors
The data mishap, discovered recently and the subject of a report by the Department of Homeland Security’s Office of Inspector General, occurred when the agency shared sensitive, personally identifiable information of disaster survivors who used FEMA’S Transitional Sheltering Assistance program, according to officials at FEMA. Those affected included the victims of California wildfires in 2017... read more.

Monday 3/18
Spam Campaign Uses Recent Boeing 737 Max Crashes to Push Malware
The email goes on to discuss how the Berlinger persona found a document leaked on the dark web. This file purports to identify several companies that will suffer similar crashes involving Boeing 737 Max aircraft in the future. Under the guise of helping them protect their loved ones, Berlinger asks users to view the document by opening an attached JAR file named “MP4_142019.jar.”
http://bit.ly/2TexeuY
This New... read more.